3.3.5.1.1.3 Secure Response

The request payload becomes the payload element as defined in section 3.1.5.1.

The client MUST also prepare a fragment element with the name "fragment" in the namespace "urn:groove.net", as defined in section 2.2.3 under the request payload sub-section. The fragment element MUST have one child element as the payload wrapper element. The payload wrapper element MUST have one child element named "SE" in the namespace "urn:groove.net". The "urn:groove.net:SE" element MUST contain no content and is referred as the security element. This fragment element becomes the header element as defined in section 3.1.5.1.

The SHA1 digest (as defined in [RFC3174]) of the key MUST be added as the value for the attribute KeyID on the security element "urn:groove.net:SE".

With the fragment element, the request payload, and the key derived from the account configuration code, the client MUST follow the steps in section 3.1.5 to secure the request and restore the serialized secured fragment element.